123 matches found
CVE-2026-27766
in OpenHarmony v6.0 and prior versions allow a local attacker to cause information leak...
PT-2026-41817
in OpenHarmony v6.0 and prior versions allow a local attacker to cause information leak...
PT-2026-3791
Name of the Vulnerable Software and Affected Versions TP-Link Archer C20 versions prior to V6 251031 TP-Link Archer AX53 version prior to V1 251215 Description A logic issue exists in the TDDP module of TP-Link Archer C20 v6.0 and Archer AX53 v1.0. An unauthenticated attacker on an adjacent netwo...
CVE-2022-31324
An arbitrary file download vulnerability in the downloadAction function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request...
EUVD-2022-52865
Malicious code in bioql PyPI...
EUVD-2024-47482
Malicious code in bioql PyPI...
CVE-2025-3082
A user authorized to access a view may be able to alter the intended collation, allowing them to access a different or unintended view of underlying data. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB Server v6.0 version prior to 6.0.20, MongoDB Server v7.0 version...
Rockwell Automation Pavilion8
1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Pavilion8 Vulnerabilities: Improper Privilege Management, Path Traversal 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...
CVE-2024-3372
Improper validation of certain metadata input may result in the server not correctly serialising BSON. This can be performed pre-authentication and may cause unexpected application behavior including unavailability of serverStatus responses. This issue affects MongoDB Server v7.0 versions prior t...
CVE-2024-3374
An unauthenticated user can trigger a fatal assertion in the server while generating ftdc diagnostic metrics due to attempting to build a BSON object that exceeds certain memory sizes. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.16 and MongoDB Server v6.0 versions...
MongoDB Server may have unexpected application behaviour due to invalid BSON
Improper validation of certain metadata input may result in the server not correctly serialising BSON. This can be performed pre-authentication and may cause unexpected application behavior including unavailability of serverStatus responses. This issue affects MongoDB Server v7.0 versions prior t...
CVE-2024-3372
CVE-2024-3372 : MongoDB servers are affected by improper validation of certain metadata input that may cause the server to mis-serialize BSON. The issue can be exploited pre-authentication and may lead to unexpected application behavior, including unavailability of serverStatus responses. Affecte...
Tenda N301 Security Vulnerability
Tenda N301 is a wireless router from Tenda China. A security vulnerability exists in the Tenda N301 version v6.0, which stems from the presence of a clear-text transmission that allows an authenticated attacker on a LAN or WLAN to intercept communication with the router and obtain a password...
CVE-2023-29681
CVE-2023-29681 affects the Tenda N301 router (v6.0) with firmware v12.03.01.06_pt. The issue is cleartext transmission in the cookie ecos_pw, enabling an authenticated attacker on the LAN/WLAN to intercept router communications and obtain the password. Red Hat advisories corroborate the same cook...
ALSA-2023:1566 Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378); ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266); kernel: FUSE filesystem low-privileged user...
GSD-2023-1001996 ice: Add check for kzalloc
ice: Add check for kzalloc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit 96a9873188552ebb2afe76033d7329a5ecabef6e, it was...
Null pointer dereference
A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4...
CVE-2023-0122
A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4...
UBUNTU-CVE-2023-0122
A NULL pointer dereference vulnerability in the Linux kernel NVMe functionality, in nvmet_setup_auth(), allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Affected versions v6.0-rc1 to v6.0-rc3, fixed in v6.0-rc4...
GSD-2023-1000775 selftests/bpf: Fix xdp_synproxy compilation failure in 32-bit arch
selftests/bpf: Fix xdp_synproxy compilation failure in 32-bit arch This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...